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The MAILING DATE of this communication appears on tfie cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE IVIAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )S Responsive to connmunication(s) filed on 15 February 2001 . 
2a)n This action is FINAL. 2b)K This action is non-final. 

3) n Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 1-22 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) ^ Claim(s) 1-22 is/are rejected. 

Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) ^ The specification is objected to by the Examiner, 

10) 0 The drawing(s) filed on is/are: a)n accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .121(d). 

1 1) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) 0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)n Ail b)n Some * 0)0 None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.D Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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4) □ Interview Summary (PTO-413) 
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6) □ Other: . 



U.S. Patent and Trademark Office 
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DETAILED ACTION 
Information Disclosure Statement 

1 . The information disclosure statement filed 1 5 February 2001 falls to 
comply with 37 CFR 1 .98(a)(2), which requires a legible copy of each U.S. and 
foreign patent; each publication or that portion which caused it to be listed; and 
all other information or that portion which caused it to be listed. It has been 
placed in the application file. All references have been considered with the 
exception of references of which copies were not received: specifically, copies of 
"NSA Windows Security Guidelines"; "Hacking Exposed"; and Chapter 2 of 
"Inside Windows NT" have not been received. Additionally, a copy of a 
document not listed on the information disclosure statement has been received, 
which is titled only as "Chapter Six: Security", pages 305-324; this document was 
not considered. 

Specification 

2. The disclosure is objected to because of the following informalities: 
The specification appears to contain minor typographical errors. For 

example, on page 7, lines 11-12, it appears that "privilee-d riven" is intended to 
read "privilege-driven". Appropriate correction is required. Applicant's 
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cooperation is requested in correcting any errors of which Applicant may become 
aware in the specification. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

4. Claims 19-22 are rejected under 35 U.S.C. 101 because the claimed 
invention is directed to non-statutory subject matter. Claims 19-22 are directed 
solely to computer code perse, which is not tangibly embodied in a computer 
readable medium. This is not statutory subject matter. 

5. To expedite a complete examination of the instant application, the claims 
rejected under 35 U.S.C. 101 above are further rejected as set forth below in 
anticipation of Applicant amending these claims to place them within the statutory 
classes of invention. 

Claim Rejections - 35 USC §112 

6. The following is a quotation of the first paragraph of 35 U.S.C. 1 1 2: 

The specification shall contain a written description of the invention, and of the manner and 
process of making and using it, in such full, clear, concise, and exact terms as to enable any 
person skilled in the art to which it pertains, or with which it is most nearly connected, to make 
and use the same and shall set forth the best mode contemplated by the inventor of carrying 
out his invention. 
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7. Claims 2 and 16 are rejected under 35 U.S.C. 112, first paragraph, as 
failing to comply with the written description requirement. The claim(s) contains 
subject matter which was not described in the specification in such a way as to 
reasonably convey to one skilled in the relevant art that the inventor(s), at the 
time the application was filed, had possession of the claimed invention. 
Specifically, Claim 2 recites the limitation "maintaining the communications free 
from the user space" in lines 3-4 of the claim, and Claim 16 similarly recites the 
limitation "being free from the user space" in lines 2-3. The specification does 
not clearly define or describe these limitations. 

8. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification sliall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

9. Claims 2, 16, and 22 are rejected under 35 U.S.C. 1 12, second 
paragraph, as being indefinite for failing to particularly point out and distinctly 
claim the subject matter which applicant regards as the invention. 

Claim 2 recites the limitation "maintaining the communications free from 
the user space" in lines 3-4. Claim 16 also recites the limitation "being free from 
the user space" in lines 2-3. These limitations are so broad as to render the 
scope of the claims indefinite, as it is unclear as to how exactly the 
communications are "free from the user space". For purposes of applying the 
prior art, it has been assumed that the limitation is intended to read similarly to 
Claims 3 and 17, in which communications travel between user and kernel 
spaces while encrypted. 
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Claim 22 recites the limitation "said states" in line 3 of the claim. There is 
insufficient antecedent basis for this limitation in the claim. 



Claim Rejections - 35 USC § 102 

1 0. The following is a quotation of the appropriate paragraphs of 35 

U.S.C. 102 that form the basis for the rejections under this section made in this 

Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351(a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
states and was published under Article 21(2) of such treaty in the English language. 

11. Claims 1-3, 9, and 18-19 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Kavsan, US Patent 6412069. 

In reference to Claim 1, Kavsan discloses a method including disposing an 
authentication module in the kernel space for encrypting and decrypting 
communications (Figure 1, Cryptographic Service Module 10), disposing a 
transport module in the kernel space to transmit and receive communications 
(Figure 1, Kernel API 8), and selectively actuating the authentication module and 
transport module to convey communications to and from kernel-level 
components (column 3, lines 20-24). 
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In reference to Claims 2 and 3, Kavsan further discloses that 
communications pass between user space and kernel components while 
encrypted (column 3, lines 24-27). 

In reference to Claim 9, Kavsan further discloses that the transport module 
includes a communication server within the kernel space (column 3, lines 46-52). 

Claims 18 and 19 are directed to computer readable code defining 
methods corresponding substantially to Claim 1 , and are rejected by a similar 
rationale. 

Claim Rejections - 35 USC § 103 

1 2. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary sl<ill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

13. Claims 4-8, 10-17, and 20-21 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Kavsan in view of Nagar, "Windows NT File System 
Internals". 

In reference to Claim 4, Kavsan discloses everything as applied to Claim 1 
above. However, Kavsan does not explicitly disclose a filter driver to intercept 
the communications. 
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Nagar discloses that filter drivers may be used to intercept requests or 
communications targeting another kernel level driver (page 617, "What Is a Filter 
Driver?"). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the method of Kavsan by including a 
filter driver to intercept the communications, in order to provide added value 
beyond the core operating system environment (see Nagar, page 615, "Why Use 
Filter Drivers?"). 

In reference to Claim 5, Kavsan further discloses receiving 
communications, decrypting the communications, and permitting communications 
to be received by the kernel components (column 3, lines 46-52). 

In reference to Claim 6, Kavsan further discloses transmitting 
communications from the kernel components, encrypting the communications, 
and transmitting the communications (column 3, lines 20-24). 

In reference to Claims 7 and 8, Kavsan further discloses a management 
module in the kernel space (column 4, lines 4-11). 

In reference to Claims 10 and 1 1 , Kavsan further discloses a module 
defining operational states as an operational state and an administrative state 
and permitting or preventing communications based on the operational state 
(column 3, lines 27-29, where the administrative state includes software 
development). 

In reference to Claims 12 and 13, Kavsan further discloses selecting an 
operational state (column 3, lines 24-29). 



Application/Control Number: 09/784,960 
Art Unit: 2137 



Pages 



In reference to Claim 14, Kavsan discloses a method including disposing 
an authentication module in the kernel space for encrypting and decrypting 
communications (Figure 1, Cryptographic Service Module 10), disposing a 
transport module in the kernel space to transmit and receive communications 
(Figure 1, Kernel API 8), and selectively actuating the authentication module and 
transport module to convey communications to and from kernel-level 
components (column 3, lines 20-24). However, Kavsan does not explicitly 
disclose a filter driver to intercept the communications. 

Nagar discloses that filter drivers may be used to intercept requests or 
communications targeting another kernel level driver (page 617, "What Is a Filter 
Driver?"). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the method of Kavsan by including a 
filter driver to intercept the communications, in order to provide added value 
beyond the core operating system environment (see Nagar, page 61 5, "Why Use 
Filter Drivers?"). 

In reference to Claim 15, Kavsan discloses a system including an 
authentication module (Figure 1 , Cryptographic Service Module 10), a transport 
module (Figure 1 , Kernel API 8), and a remote authentication module (see 
column 3, lines 46-52). Kavsan further discloses that encrypting communications 
from the remote site with the remote authentication module, receiving the 
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communications, decrypting the communications, and permitting communications 
to be received by the kernel components (column 3, lines 46-52), Kavsan 
additionally discloses transmitting communications from the kernel components, 
encrypting the communications, transmitting the communications and decrypting 
the communications with the remote authentication module (column 3, lines 20- 
24 and 46-52). However, Kavsan does not explicitly disclose a filter driver to 
intercept the communications. 

Nagar discloses that filter drivers may be used to intercept requests or 
communications targeting another kernel level driver (page 617, "What Is a Filter 
Driver?"). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the system of Kavsan by including a 
filter driver to intercept the communications, in order to provide added value 
beyond the core operating system environment (see Nagar, page 615, "Why Use 
Filter Drivers?"). 

In reference to Claims 16 and 17, Kavsan further discloses that 
communications pass between user space and kernel components while 
encrypted (column 3, lines 24-27). 

Claims 20 and 21 are directed to computer readable code defining 
methods corresponding substantially to that of Claim 4, and are rejected by a 
similar rationale. 
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Conclusion 



14. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Marino, Jr., et al, US Patent 5029206, discloses an interface for 
cryptographic services including a security kernel. 

b. Cox et al, US Patent 5349643, discloses a secure system for 
encryption including a security kernel. 

c. Winiger, US Patent 5845068, discloses a security method with a 
kernel including a security process. 

d. Krause et al, US Patent 6070198, discloses an encryption system 
for encryption within the kernel space. 

e. Brundrett et al, US Patent 6249866, discloses an encrypting file 
system using a filter driver within the kernel space. 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to Zachary A Davis whose telephone number is 
(703) 305-8902. The examiner can normally be reached on weekdays 8:30-6:00, 
alternate Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Andrew Caldwell can be reached on (703) 306-3036. The 
fax phone number for the organization where this application or proceeding is 
assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from 
the Patent Application Infonnation Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). 
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